Functional safety in machine design and building

Wednesday, 1 March 2017

Functional safety is freedom from unacceptable risk of physical injury or of damage to the health of people. Today, people go to work expecting a safe working environment. No matter if they operate a crane to erect a new high-rise in the busy city center or pull tree trunks in the silence of the big woods, they know they have to watch out for safety issues themselves, but basically they expect a safe machine.

There is no such thing as a risk-free machine or application. Operators and bystanders working with heavy-duty and off-road machines in agriculture, construction or forestry know that they are exposed to some degree of hazard. And even when father and son stop at a road construction site to admire the excavators, they can be at risk if the machine suddenly tilts due to overload or failure of stabilizing legs or booms.

Functional safety is in the hands of machine producers, owners and operators, and even though risk cannot be eliminated, it can be brought to a tolerable level. The challenge is therefore to design a machine with a tolerable risk level.

It is therefore of vital importance to think of functional safety in machine development. Applying functional safety to the machine is a process like many others in the development project. Dividing the complete process into steps will allow for a systematic approach starting with defining the boundaries and requirements and ending up with an evaluation of the safety level required. This structured process allows for easy selection of components approved to the right level of functional safety.

The aim of risk reduction is to reduce the risks to the minimum tolerable level while still maintaining a high machine performance. It is important to note that even when applying the most conscientious approach to risk analysis, risk cannot be eliminated. But the rule is always: if a risk can be reduced, it must be reduced.

Along with the more generic standards that have previously set the bar for functional safety, machine safety standards are emerging that lay down specific safety requirements for specific types of machines.

The increasing use of more complex electronic and programmable devices in control systems brings advantages such as lower costs, fewer components, flexibility and compatibility. However, it also means that previous standards are no longer adequate.

Safety systems today use more of a ‘black box’ approach, relying on conformity to industry-specific standards that interrogate basic factors such as reliability and fault detection. The higher the risk of serious injury, the higher the level of fault detection that is required.

It is important to bear in mind that a functional safety certificate for an individual component does not make the complete system or sub-system certified. Both components and sub-systems can have a functional safety certificate. In the case of individual components, it is always the responsibility of the manufacturer to hold documentation showing that the component is certified to the stated standard.

Customer safety requirements differ, and it is crucial to use the right product in the right application. Therefore, Danfoss offers two types of pressure transmitters: the well-proven MBS 1250 pressure sensor, which is suitable up to performance level c (PLc) per ISO 13849-1, and the new DST P92S pressure sensor, which is SIL2 (IEC 61508) certified by TÜV for use up to performance level d (PLd) per ISO 13849-1.

  • Stabilizing legs prevent tilting during operation, where DST P92S is part of the safety circuit to ensure that the stabilizing legs are properly deployed or pulled in place.
  • Boom control is used to ensure that operators do not handle the equipment in a dangerous way that could cause tilting during operation. Using a DST P92S pressure sensor in combination with the controller, position and angle sensors ensures that the boom is not operated in a way that jeopardizes safety.
  • In machine control systems in lifting equipment, sensors are used to detect system failures and shut down operation of moving parts in case of dangerous operation. DST P92S is mounted on the manifold block ensuring that serious accidents are avoided.
  • New tractors often have two steering systems: Steering through a GPS and steering with a manual steering wheel. DST P92S pressure sensors give a signal when the steering wheel is manually operated.

The TÜV-approved sensor, certified for PLd and SIL2, represents best-in-class functional safety with several built-in safety measures. Among others, the sensor performs a start-up diagnosis at every machine start-up. During operation, the sensor itself performs a cyclic diagnosis every 30-40 ms. If any failure is detected during start-up or operation, the sensor switches to a safe state.

The smart self-diagnosis of the sensor reduces the need for redundant, parallel circuits, which makes the sensor one of the smallest on the market.
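As an added illustration (not Danfoss code and not a description of the DST P92S firmware), the following C sketch models the fail-safe behaviour described above from the controller's side: a channel leaves start-up only when its self-test passes, every cyclic diagnosis result is checked, a diagnosis that stops arriving is itself treated as a failure, and the safe state latches until restart. The 60 ms timeout and the 0-250 bar plausibility range are constructed assumptions, not sensor specifications.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed assumptions, not sensor specifications: the cyclic diagnosis
 * is expected every 30-40 ms, so 60 ms without a fresh result counts as a
 * failure, and readings outside 0..250 bar are treated as implausible. */
#define DIAG_TIMEOUT_MS  60u
#define PRESSURE_MAX_BAR 250

typedef enum { ST_STARTUP, ST_RUN, ST_SAFE } chan_state_t;
typedef struct {
    chan_state_t state;
    uint32_t     last_diag_ms;  /* time of the last passed cyclic diagnosis */
} channel_t;

void channel_init(channel_t *c) { c->state = ST_STARTUP; c->last_diag_ms = 0; }

/* Start-up diagnosis: the channel becomes usable only if the self-test passed. */
void channel_startup(channel_t *c, bool selftest_ok, uint32_t now_ms) {
    if (c->state != ST_STARTUP) return;            /* safe state is latched */
    c->state = selftest_ok ? ST_RUN : ST_SAFE;
    c->last_diag_ms = now_ms;
}

/* One control cycle. Returns true only if pressure_bar may be used for
 * control; any detected failure latches the channel in the safe state. */
bool channel_update(channel_t *c, uint32_t now_ms, bool diag_fresh,
                    bool diag_ok, int pressure_bar) {
    if (c->state != ST_RUN) return false;
    if (diag_fresh) {
        if (!diag_ok) { c->state = ST_SAFE; return false; }  /* sensor reported a fault */
        c->last_diag_ms = now_ms;
    }
    if (now_ms - c->last_diag_ms > DIAG_TIMEOUT_MS) {       /* diagnosis stopped arriving */
        c->state = ST_SAFE; return false;
    }
    if (pressure_bar < 0 || pressure_bar > PRESSURE_MAX_BAR) { /* implausible reading */
        c->state = ST_SAFE; return false;
    }
    return true;
}

int main(void) {
    channel_t c; channel_init(&c); channel_startup(&c, true, 0);
    printf("t=10  usable=%d\n", channel_update(&c, 10, true, true, 120));
    printf("t=101 usable=%d (no diagnosis since t=10)\n", channel_update(&c, 101, false, true, 120));
    return 0;
}
```

The point a system integrator should take from it is that the controller must treat silence from the diagnostic channel exactly like a reported fault, otherwise a dead sensor looks like a healthy one.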
